A
Alert A notification sent when AnomalyArmor detects an event matching one of your configured rules. Alerts can be sent to Slack, email, PagerDuty, webhooks, or Microsoft Teams. Alert Rule A configuration that defines what events trigger alerts, what conditions must be met, and where notifications are sent. Each rule has an event type, optional scope/conditions, and one or more destinations. Asset A data object that AnomalyArmor discovers and monitors. Assets include tables, views, and materialized views. Each asset has metadata like column names, data types, and change history. Asset Catalog The complete inventory of all discovered assets across your connected data sources. Searchable and filterable, the catalog is your source of truth for what exists in your data infrastructure.B
Baseline The initial state recorded during the first discovery of an asset. Subsequent discoveries compare against this baseline to detect changes. Breaking Change A schema modification likely to cause query failures, such as a removed column or table. Breaking changes typically warrant immediate attention and urgent alerts.C
Change Detection The process of comparing the current state of an asset against its previous state to identify modifications. Part of the discovery process. Connection See Data Source. Cooldown Period The minimum time between repeated alerts for the same event. Prevents alert storms when an issue persists across multiple discoveries.D
Data Classification Tags and labels applied to assets or columns for organization, governance, and compliance. Examples includePII, Financial, Confidential, or custom tags.
Data Quality
The degree to which data meets expectations for freshness, completeness, accuracy, and schema correctness. AnomalyArmor monitors freshness and schema as key quality dimensions.
Data Source
A connection to a database or data platform. Each data source stores credentials, connection settings, and discovery configuration. Also called a “connection.”
Destination
A configured endpoint where alerts are sent. Supported destinations include Slack, email, PagerDuty, Microsoft Teams, and webhooks.
Discovery
The process by which AnomalyArmor scans a database’s system catalogs to find and catalog assets. Discovery detects tables, views, columns, data types, and schema changes.
Discovery Job
A single execution of the discovery process. Each job queries the database, compares findings against the previous state, records changes, and triggers applicable alerts.
F
Freshness A measure of how recently data in a table was updated. Calculated by checking the maximum value of a configured timestamp column. Tables with data older than their SLA are considered “stale.” Freshness SLA See SLA. Freshness Violation An event triggered when a table’s data exceeds its configured freshness threshold. Indicates the data is stale and may impact downstream systems.I
Incremental Discovery A discovery mode that only detects changes since the last run, rather than rescanning everything. Faster and lighter than full discovery. The default for scheduled discoveries after the initial baseline. Information Schema The standard SQL schema containing metadata about database objects. AnomalyArmor queriesinformation_schema (and similar system catalogs) to discover assets. We never query your actual data tables.
M
Metadata Data about data. For AnomalyArmor, this includes table names, column names, data types, constraints, timestamps, and schema history. Metadata is all we , we never see row data. Metric A statistical measurement tracked over time for data quality monitoring. Types include row count, null percentage, distinct count, duplicate count, and numeric statistics (min, max, average). Metrics are captured on a schedule and analyzed for anomalies. Metric Anomaly A metric value that falls outside the expected range based on historical data. Detected using statistical methods (z-score) with configurable sensitivity. Anomalies may indicate data quality issues.P
PII (Personally Identifiable Information) Data that can identify an individual, such as names, email addresses, phone numbers, or social security numbers. Often tagged for compliance purposes using data classification.R
Rule See Alert Rule.S
Schema The structure of a database, including tables, columns, data types, and constraints. In database terminology, also refers to a namespace within a database (e.g.,public schema in PostgreSQL).
Schema Change
Any modification to database structure. Types include: column added, column removed, column type changed, table added, table removed, and constraint modified.
Schema Drift
The phenomenon of database structure changing over time, intentionally or unintentionally. AnomalyArmor detects drift by comparing consecutive discoveries.
Schema History
The complete record of all schema changes detected for an asset. Includes what changed, when it was detected, and before/after values.
Sensitivity
A configuration parameter for anomaly detection that determines how many standard deviations from the mean trigger an alert. Lower values (1.0) are more sensitive and catch smaller deviations. Higher values (3.0) reduce false positives. Default is 2.0.
Scope
The filter criteria on an alert rule that determine which assets the rule applies to. Scope can include data source, schema, specific assets, or patterns.
SLA (Service Level Agreement)
A configured threshold defining how fresh data should be. For example, an SLA of “1 hour” means the table should have data no older than 1 hour. Violations trigger freshness alerts.
Stale Data
Data that hasn’t been updated within its expected timeframe (SLA). Stale data may indicate ETL failures, source system issues, or pipeline problems.
T
Table A fundamental database object that stores data in rows and columns. Tables are the most common asset type monitored by AnomalyArmor. Timestamp Column A column containing date/time values used to track when data was created or updated. AnomalyArmor queries the maximum value of this column for freshness monitoring.U
Unity Catalog Databricks’ unified governance solution for data and AI. AnomalyArmor integrates with Unity Catalog to discover and monitor Databricks assets.V
View A virtual table defined by a SQL query. Views don’t store data themselves but present data from underlying tables. AnomalyArmor monitors views as assets. VPC Peering A network connection between two Virtual Private Clouds (VPCs) that enables private connectivity. Enterprise feature for connecting AnomalyArmor to databases in private subnets.W
Warning Threshold An optional secondary threshold that triggers an early warning alert before the main SLA violation. Gives teams advance notice that data is approaching staleness. Webhook An HTTP callback that receives alert data when events occur. Webhooks enable custom integrations with any system that can receive HTTP requests.Z
Z-Score A statistical measure indicating how many standard deviations a value is from the mean. Used in anomaly detection for metrics. A z-score above the configured sensitivity threshold triggers an anomaly alert.Allowlist A list of allowed IP addresses. Many databases require adding AnomalyArmor’s IP addresses to allowlists in security groups or firewalls before connections can be established.